package popedom

import (
	"shqsoft.cn/pasnj/base"
	"shqsoft.cn/pasnj/popedom/entity"
	//	log "github.com/sirupsen/logrus"
)

// GrantPermissionsAndUsersToRole 给角色授予权限并绑定用户
func GrantPermissionsAndUsersToRole(roleID int, permissions map[int]string, userIds ...int) error {
	tx := base.DB.Begin()
	var oUids []int
	err := tx.Model(entity.UserRole{}).Where("RoleId = ?", roleID).Pluck("UserId", &oUids).Error
	isFind := false
	delUids := make([]int, 0, 10)
	for _, oid := range oUids {
		isFind = false
		for _, nid := range userIds {
			if oid == nid {
				isFind = true
				break
			}
		}
		if !isFind {
			delUids = append(delUids, oid)
		}
	}
	if err != nil {
		tx.Rollback()
		return err
	}
	err = tx.Where("RoleId = ?", roleID).Delete(entity.RolePermission{}).Error
	if err != nil {
		tx.Rollback()
		return err
	}
	err = tx.Where("RoleId = ?", roleID).Delete(entity.UserRole{}).Error
	if err != nil {
		tx.Rollback()
		return err
	}
	for k, v := range permissions {
		rolePerm := entity.RolePermission{
			RoleId:           roleID,
			PermissionId:     k,
			PermissionType:   v,
			IsAllowCommision: false,
			IsAllowProxy:     false,
		}
		err := tx.Create(&rolePerm).Error
		if err != nil {
			tx.Rollback()
			return err
		}
	}
	for _, uID := range userIds {
		up := entity.UserRole{
			RoleId:           roleID,
			UserId:           &uID,
			IsAllowCommision: false,
			IsAllowProxy:     false,
		}
		err := tx.Create(&up).Error
		if err != nil {
			tx.Rollback()
			return err
		}
	}
	tx.Commit()
	err = ClearRolePermsFormRedis(roleID)
	if err != nil {
		return err
	}
	err = loadRolePermsToRedis(roleID)
	if err != nil {
		return err
	}
	for _, uID := range userIds {
		err = ClearUserPermsFormRedis(uID)
		if err != nil {
			return err
		}
		err = LoadUserPermsToRedis(nil, uID)
		if err != nil {
			return err
		}
	}
	for _, uID := range delUids {
		err = ClearUserPermsFormRedis(uID)
		if err != nil {
			return err
		}
		err = LoadUserPermsToRedis(nil, uID)
		if err != nil {
			return err
		}
	}
	return nil
}

// GrantPermissionsAndRolesToUser 给用户授予权限并绑定角色
func GrantPermissionsAndRolesToUser(userID int, permissions map[int]string, roleIds ...int) error {
	tx := base.DB.Begin()
	err := tx.Where("UserId = ?", userID).Delete(entity.UserPermission{}).Error
	if err != nil {
		tx.Rollback()
		return err
	}
	err = tx.Where("UserId = ?", userID).Delete(entity.UserRole{}).Error
	if err != nil {
		tx.Rollback()
		return err
	}
	for k, v := range permissions {
		rolePerm := entity.UserPermission{
			UserId:           userID,
			PermissionId:     k,
			PermissionType:   v,
			IsAllowCommision: false,
			IsAllowProxy:     false,
		}
		err := tx.Create(&rolePerm).Error
		if err != nil {
			tx.Rollback()
			return err
		}
	}
	for _, rID := range roleIds {
		up := entity.UserRole{
			RoleId:           rID,
			UserId:           &userID,
			IsAllowCommision: false,
			IsAllowProxy:     false,
		}
		err := tx.Create(&up).Error
		if err != nil {
			tx.Rollback()
			return err
		}
	}
	tx.Commit()
	for _, rID := range roleIds {
		err = ClearRolePermsFormRedis(rID)
		if err != nil {
			return err
		}
		err = loadRolePermsToRedis(rID)
		if err != nil {
			return err
		}
	}
	err = ClearUserPermsFormRedis(userID)
	if err != nil {
		return err
	}
	err = LoadUserPermsToRedis(nil, userID)
	if err != nil {
		return err
	}

	return nil
}
